<?php
	define('CONFIG_FILE',true);
	include '../config.php';
	
	define('DB_FILE',true);
	require_once '../Tool/DB/SqlDBManager.class.php';

	session_start();
	if (empty($_SESSION["userType"])) {
		$url="../Index.php";
		include_once '../Tool/Common/Redirect.php';
		exit();
	}

	if($_SESSION["userType"]!="System Admin"){
        $url="../Index.php";
		include_once '../Tool/Common/Redirect.php';
		exit();
    }
    
	$sqlDBManager = new SqlDBManager();

	$page = isset($_POST['page']) ? intval($_POST['page']) : 1;
	$rows = isset($_POST['rows']) ? intval($_POST['rows']) : 10;
	$sort = isset($_POST['sort']) ? strval($_POST['sort']) : 'CentreName';
	$order = isset($_POST['order']) ? strval($_POST['order']) : 'asc';
	$searchid='';
	if(isset($_POST['searchid'])){
		$searchid = $_POST['searchid'];
	}
	$offset = ($page-1)*$rows;
	$result = array();
	
	//Filter the $searchid
	$searchid=addslashes($searchid);
	$searchid=str_replace("%", "\%", $searchid);
	$searchid=str_replace("_", "\_", $searchid);

	$sql ="select count(*) from centre 
		WHERE CentreName LIKE ? 
		OR Address LIKE ?
		OR PostalCode LIKE ?";
		
	$parameters = array("%".$searchid."%","%".$searchid."%","%".$searchid."%");
	$res=$sqlDBManager->queryRow($sql,$parameters);
	if(!empty($res)){
		$result["total"] = $res[0];
	}
	else{
		$result["total"] = 0;
	}

	//Filter the $searchid
	$searchid=addslashes($searchid);
	$searchid=str_replace("%", "\%", $searchid);
	$searchid=str_replace("_", "\_", $searchid);
	
	$sql = "select CentreId, CentreName,Address,PostalCode from centre 
			WHERE CentreName LIKE ?
			OR Address LIKE ? 
			OR PostalCode LIKE ? 
			order by $sort $order
			limit $offset,$rows";

	$parameters = array("%".$searchid."%","%".$searchid."%","%".$searchid."%");
	$res=$sqlDBManager->queryRows($sql,$parameters);
	$items = array();
		
	if(!empty($res)){
		for($i=0;$i<count($res);$i++)
		{
			array_push($items, $res[$i]);
		}	
	}
	
	//close connection
	$sqlDBManager->close_connect();

	$result["rows"] = $items;
	echo json_encode($result);

?>